[releaser-4.7] Bug 1950131: fix deadlock in EgressFirewall DNS code #513
Commits on Apr 23, 2021
-
fix deadlock in EgressFirewall DNS code
Currently when adding EgressFirewalls with 5 or so dnsNames (observed with 5 dnsNames) it is probable that a deadlock will occur. thread openshift#1 calls (e *EgressDNS) Add() grabs lock e.lock and calls signalAdded(dnsName) and continues looping to the next dnsName calling (e *EgressDNS) Add() grabbing e.lock and trying to write to the channel thread openshift#2 recieves the signalAdded(dnsName) and is waiting to grab e.lock in updateEntry for name thread openshift#1 cannot write to the channel because the channel blocks waiting for the write and holds e.lock thread openshift#2 cannot continue with updateEntryForName() because it is wating for e.lock Solve this problem by taking the add goroutine out of the long running update goroutine. By spawning a goroutine for every DNS name the goroutines can wait until it is there turn to update. includes a small e2e test that should exercise the deadlocking codepaths Signed-off-by: Jacob Tanenbaum <jtanenba@redhat.com>
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.